npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

sfds-publish

v0.0.0

Published

This [GitHub Action][github actions] publishes to npm with the following conventions:

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

shawnbotshawnbot

Keywords

publishgithub-actionsnpm

Readme

primer/publish

This GitHub Action publishes to npm with the following conventions:

  1. If we're on the default branch, the version field is used as-is and we just run npm publish --access public.
    • After publishing a new version on the default branch, we tag the commit SHA with v{version} via the GitHub API.
    • If the version in package.json is already published, we exit with a 0 code. Previously, we exited with a 78 code, which was Actions v1-speak for "neutral", but this has been removed from Actions v2.
  2. If we're on a release-<version> branch, we publish a release candidate to the next npm dist-tag with the version in the form: <version>-rc.<sha>.
    • A status check is created with the context npm version noting whether the version field in package.json matches the <version> portion of the branch. If it doesn't, the check's status is marked as pending.
  3. Otherwise, we publish a "canary" release, which has a version in the form: 0.0.0-<sha>.

Status checks

Depending on the branch, a series of statuses will be created by this action in your checks: publish is the action's check, and publish {package-name} is a commit status created by the action that reports the version published and links to unpkg.com via "Details":

image

If you're on a release branch (release-<version>) and the <version> portion of the branch name doesn't match the version field in package.json, you'll get a pending status reminding you to update it:

image

Usage

You will need to provide an npm access token with publish permissions via the NPM_AUTH_TOKEN secret in the Actions visual editor if you haven't already. The GITHUB_TOKEN secret is also required to create tags after releasing on the master branch.

We suggest that you place this action after any linting and/or testing actions to catch as many errors as possible before publishing.

Actions

To use this in an Actions workflow, add the following YAML to one or more of your steps:

- uses: primer/publish@v3
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}

You can pass additional inputs via the with key:

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    npm-args: "--unsafe-perm --allow-same-version"
    default-branch: "main"

Inputs

dry_run

Does everything publish would do except actually publishing to the registry. Reports the details of what would have been published.

Default: false

Example

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    dry_run: true

dir

Accepts a path to the directory that contains the package.json to publish.

Default: .

Example

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    dir: "packages/example"
}

npm_args

It's possible to pass additional arguments to npm via the npm_args input in your workflow action.

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    npm_args: "--unsafe-perm --allow-same-version"

default_branch

The branch you'd like to use to trigger releases. Typically this is main or master.

Default: master

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    default_branch: "main"

release_tag

The release_tag input can be used to override the auto-generated release tag.

Default: latest

- name: Publish to the npm registry
  uses: "primer/[email protected]"
  with:
    release_tag: "1.0.0"